How can we improve Kerio Connect?

Two factor authentification for the webmail

Add two factor authentication for the webmail. Webmail is often used insecure places (webcafes / public networks etc). Two factor authentication through Goolge Authenticator or a Yubi Key would reduce the ability for keyloggers and password sniffers to do their thing.
Also this is a feature for the users that are a bit more concerned about the security of their mail than regular users.

306 votes
Vote
Sign in
Signed in as (Sign out)
You have left! (?) (thinking…)
Eivind NagEivind Nag shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

14 comments

Sign in
Signed in as (Sign out)
Submitting...
  • Daniel VugteveenDaniel Vugteveen commented  ·   ·  Flag as inappropriate

    The feature is very important to us. It can no longer wait as our medical and defense customers are requiring our systems to be more secure.

  • VR HoisingtonVR Hoisington commented  ·   ·  Flag as inappropriate

    Another vote for 2 (or multi) factor authentication. Symantec VIP access or Duo are other options.
    Kerio Control has it. Why not Kerio Connect?
    We're not government but heavily regulated and Cybersecurity is a hot topic. 2FA will become a necessity before long.

  • ToddTodd commented  ·   ·  Flag as inappropriate

    Would be nice to have but less of a need in our case as users don't log in from public devices. If they don't have a laptop then at the very least they have a smartphone. But I can see a need for many companies that work differently.

  • SeanSean commented  ·   ·  Flag as inappropriate

    +1 for yubikey support (U2F and using the yubikey authentication service)

  • AdministratorAdministrator commented  ·   ·  Flag as inappropriate

    i'm a fairly new reseller of kerio products and people love it but i feel like these accounts will slowly come to an end. customers are demanding greater security and they're wondering why they can login to their email address from anywhere without any warnings or prompts to continue.

    webmail should be protected, maybe even outlook's connector and also phone config should be notifying an administrator to approve deviceid's, as in, allow it in, jail the email and don't show the new set up any existing emails until it's been verified by an admin that it is allowed.

  • Darius PaulyDarius Pauly commented  ·   ·  Flag as inappropriate

    This should be implemented as an option for all authentication, not just webmail.

    am also in favor!

  • Kachen SucaravetsiriKachen Sucaravetsiri commented  ·   ·  Flag as inappropriate

    We are government organization with 2500+ mailboxes. Some of our mailboxes are top management. Without two factor authentication, Kerio Connect considered insecured. This feature has been suggested since 2014 and regretably there is no movement as yet.

    We are looking forward for your positive response on this. We would love to maintain our positive though with Kerio Connect.

Feedback and Knowledge Base